Privacy Policy

Last updated: January 2025

1. Introduction

This Privacy Policy describes how Conscious Digital MTÜ ("we", "us", or "WhiteBoar") collects, uses, and protects your personal information when you use our AI-driven website creation and hosting services. We are committed to protecting your privacy and complying with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

2. Data Controller

Conscious Digital MTÜ

Registration number: 80600079

Harju maakond, Tallinn, Sakala tn 7-2, 10141, Estonia

info@consciousdigital.org

3. Information We Collect

We collect the following types of information:

Personal Information

  • Name, email address, phone number
  • Business name, address, VAT number
  • Payment information (processed securely by Stripe. WhiteBoar does not store or have access to your credit card details)

Business Information

  • Business description, industry, target audience
  • Logos, photos, and other materials you upload
  • Design preferences, color choices, content requirements

Technical Information

  • Website usage data via Google Analytics (anonymous)
  • Server logs, IP addresses, browser information
  • Performance metrics for service optimization

4. How We Use Your Information

We use your information for:

  • Providing and delivering our AI-driven website creation services
  • Generating custom brand identities and website designs
  • Hosting and maintaining your website
  • Communicating with you about your service and account
  • Improving our AI algorithms and service quality. Customer data may be anonymized and aggregated for AI model improvement. Individual identifying data is never used for training AI models
  • Complying with legal obligations and protecting our rights
  • Understanding how our services are used (anonymized data only)

5. Legal Basis for Processing (GDPR)

We process your personal data based on:

  • Contract performance - to provide the services you requested
  • Your explicit consent for specific processing activities
  • Legitimate interests - including fraud prevention, service security, business analytics using anonymized data, and improving service quality. We conduct balancing tests to ensure our interests do not override your rights
  • Legal obligations - to comply with tax and regulatory requirements

6. Data Sharing and Third Parties

We share your information only with:

  • Vercel - for website hosting and deployment (servers located in EU)
  • Supabase - for database hosting and user authentication (servers located in EU)
  • Stripe - for secure payment processing (PCI-DSS compliant)
  • Google Analytics - for anonymous usage statistics with IP anonymization enabled
  • Resend - for transactional email delivery and service communications

All data processing occurs within the European Union. We do not transfer data outside the EU.

We never sell your personal information to third parties.

7. Data Retention

  • We retain your personal data for as long as your account is active
  • After account termination, personal information (name, email, contact details) is deleted after 30 days. Generated website code and designs are retained for 90 days to allow recovery if needed, then permanently deleted
  • Some information may be retained longer where required by law (e.g., tax records for 7 years)
  • Backup copies are automatically deleted within 90 days

8. Your Rights (GDPR)

Under GDPR, you have the right to:

  • Access - request a copy of your personal data
  • Rectification - correct inaccurate or incomplete data
  • Erasure - request deletion of your data ("right to be forgotten")
  • Restriction - limit how we use your data
  • Data portability - receive your data in a portable format
  • Object - object to certain types of processing
  • Withdraw consent - withdraw consent at any time

To exercise any of these rights, contact us at info@consciousdigital.org. We will respond to your request within 30 days as required by GDPR

You also have the right to lodge a complaint with your local data protection authority

9. Cookies and Tracking

  • We use Google Analytics cookies to understand website usage. IP anonymization is enabled, data is retained for 26 months, and all data is anonymized. You can opt out at any time using browser settings or the Google Analytics Opt-out Browser Add-on
  • Essential cookies for website functionality and user preferences (theme, language)
  • We do not use marketing or advertising cookies
  • You can control cookies through your browser settings or opt out of Google Analytics tracking

10. Data Security

We implement appropriate technical and organizational measures to protect your data:

  • SSL/TLS encryption for all data transmission
  • Secure server infrastructure with regular security updates
  • Limited access to personal data on a need-to-know basis
  • Regular security monitoring and vulnerability assessments

In case of a data breach, we will notify affected users and authorities as required by law

11. Children's Privacy

Our services are not directed to individuals under 16 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

12. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated revision date. We encourage you to review this policy periodically.

13. Contact Us

For questions about this Privacy Policy or to exercise your data protection rights, please contact us at:

Email: info@consciousdigital.org

Address: Harju maakond, Tallinn, Sakala tn 7-2, 10141, Estonia